CGI::Application and recent bash security hole

Sue Spence virtuallysue at
Thu Sep 25 17:59:46 BST 2014

Is your system shell bash? Does your application have any code which shells
out to that (system(), ``, qx() etc)?  If so, then probably yes.

On 25 September 2014 14:52, gvim <gvimrc at> wrote:

> I built a site several years ago with CGI::Application which runs in cgi,
> not psgi mode. Is it likely to be vulnerable to the recent bash security
> hole which I understand revolves around setting ENV variables?
> gvim

More information about the mailing list